December 25 Web Application Firewall (WAF) Back-to-origin CIDR Blocks Upgrade Notice
Upgrade Period: (UTC+8) 10:30-12:30 on December 25, 2018 (PST 18:30-20:30 on December 24, 2018)
Upgrade Range: Mainland China and International server rooms of Web Application Firewall (WAF)
Upgrade Impact: Web Application Firewall will expand the capacity of servers and new back-to-origin CIDR blocks will be added. If your origin servers have IP whitelist or security group settings for access control, to only allow accesses from WAF back-to-origin CIDR blocks, you must add the following new WAF back-to-origin CIDR blocks into the whitelist before the capacity expansion.
Note: Besides adding new back-to-origin CIDR blocks, some existing CIDR blocks are also updated this time. Please verify the new CIDR blocks carefully.
New WAF back-to-origin CIDR blocks for the Mainland China region:
184.108.40.206/24, 220.127.116.11/24, 18.104.22.168/24, 22.214.171.124/24, 126.96.36.199/24, 188.8.131.52/24, 184.108.40.206/24, 220.127.116.11/24, 18.104.22.168/27, 22.214.171.124/27, 126.96.36.199/27, 188.8.131.52/26, 184.108.40.206/24, 220.127.116.11/26, 18.104.22.168/27, 22.214.171.124/27, 126.96.36.199/24, 188.8.131.52/25, 184.108.40.206/27, 220.127.116.11/24, 18.104.22.168/24, 22.214.171.124/24, 126.96.36.199/24, 188.8.131.52/26, 184.108.40.206/26
New WAF back-to-origin CIDR blocks for the International region:
220.127.116.11/27, 18.104.22.168/26, 22.214.171.124/27, 126.96.36.199/24, 188.8.131.52/24, 184.108.40.206/27, 220.127.116.11/24, 18.104.22.168/27, 22.214.171.124/27, 126.96.36.199/27, 188.8.131.52/24, 184.108.40.206/27, 220.127.116.11/27, 18.104.22.168/27, 22.214.171.124/27, 126.96.36.199/27
You can obtain the latest WAF back-to-origin CIDR blocks on the Web Application Firewall management console. For more information, see: https://www.alibabacloud.com/help/doc-detail/99399.htm.
Additionally, with frequent change of WAF back-to-origin CIDR blocks, we recommend that you do not only use back-to-origin CIDR blocks to do the origin site protection, but also use traffic marks to judge whether traffic passes through WAF for protection. For more information, see https://www.alibabacloud.com/help/doc-detail/99413.htm.
We apologize for any inconvenience caused. If you have any questions, please feel free to contact us by submitting a ticket any time.